I agree with the comments about linux/software vs commercial/hardware
firewalls. From my experience with hardware firewalls, the linux kernel
seems to me more flexible and feature rich in many cases.
I'm curious if anyone on the list has any similar comments regarding lvs load
balancing vs hardware solutions. LVS-NAT doesn't scale as well as LVS-DR, of
course, but don't most hardware load balancers do NAT just the same?
Also, any opinions on hardware ssl acceleration? Poking around, I've found
that you can buy a system with a via cpu with the padlock extension (which
openssl supports), or a $2000+ pci card, or a hardware load balancer and pay
for the $2000+ pci card add-in which most of them offer.